1. Field of the Invention
The present invention relates to an automated teller's machine and, in particular, to the security of the automated teller's machine.
2. Description of the Related Art
Automated teller's machines are installed in a variety of places, such as banks, post offices, convenience stores, stations, airports, etc., and conduct a variety of transactions, such as deposit transactions, payment transactions, transfer transactions, exchange transactions, etc., according to a user's operation.
FIG. 1 shows an example configuration of a conventional automated teller's machine. The automated teller's machine 100 comprises a user interface unit 101, a main control unit 102 and a cash input/output unit 103.
The user interface unit 101 transmits the operation and instruction of a user to the main control unit 102 and provides the user with transaction-related information according to the instruction of the main control unit 102. The main control unit 102 performs a transaction according to a user's instruction and gives an instruction to the cash input/output unit 103 based on the transaction result. The main control unit 102 transmits/receives information related to the transaction to/from a host 111, if necessary. The cash input/output unit 103 outputs an amount of cash requested by a user or collects an amount of cash inputted by a user according to the instruction of the main control unit 102.
The operation of the automated teller's machine 100 is briefly described next. Here, a case where a user-A withdraws 5,000 yen is described as an example.
When withdrawing cash from the automated teller's machine 100, the user-A first selects "Withdraw cash" for a transaction to be performed. Then, the user-A inserts a cash card, credit card, etc. (hereinafter collectively called a cash card), inputs his or her password and inputs information about an amount of cash to be withdrawn, according to the guidance of the user interface unit 101.
The main control unit 102 notifies the host 111 of information for identifying the inserted cash card and other pieces of information inputted by the user-A. The host 111 judges whether the user-A is the authorized holder of the inserted cash card and whether the transaction requested by user-A is allowable. Then, the host 111 provides the main control unit 102 of the automated teller's machine 100 with an instruction corresponding to the judgment result.
It is assumed here that the user-A is the authorized holder of the cash card and the deposit balance of the account of the user-A is 5,000 yen or more. In this case, the main control unit 102 instructs the cash input/output unit 103 to "Output 5,000 yen". On receipt of this instruction, the cash input/output unit 103 outputs 5,000 yen. At this time, the user interface unit 101 issues a receipt relating to this transaction.
When a transaction is performed using an automated teller's machine, security is naturally a key factor. For this reason, information transmitted/received between the automated teller's machine 100 and the host 111 is usually encrypted. In particular, if a network 112 is configured using a public network, complex cryptography is needed.
An existing automated teller's machine is usually developed for the exclusive use of each bank. Under these circumstances, the format, etc., of data in each automated teller's machine is not made public. Therefore, even if information used in an automated teller's machine is stolen, it is difficult to understand the contents and it is also difficult to alter the data. For that reason, existing automated teller's machines have generally not been provided with a special function to prevent information used in the machines from being stolen and altered.
Recently, however, standardization has also been promoted in the field of automated teller's machines. As one architectural standard for an automated teller's machine, for example, the WOSA (Windows (TM) Open Service Architecture) Extensions for Financial Services "Cash Dispenser Device Class Service Provider Implementation Specification" is known.
When the architecture of an automated teller's machine is standardized in this way, the format, etc., of data used in the machine becomes widely known. Therefore, if information used in the automated teller's machine is stolen, the contents can easily be decoded and the data can also be altered.
For example, if, as shown in FIG. 1, the user-A instructs "Withdraw 5,000 yen", the main control unit 102 instructs the cash input/output unit 103 to output 5,000 yen. In this case, the cash input/output unit 103 outputs 5,000 yen according to the instruction, and the host 111 reduces the deposit amount of user-A's account by 5,000 yen. If, at this time, the information provided from the main control unit 102 to the cash input/output unit 103 is tapped and altered from "Output 5,000 yen" to "Output 50,000 yen", the cash input/output unit 103 outputs 50,000 yen instead of 5,000 yen according to the altered information. The host 111, however, reduces the deposit amount of user-A's account by only 5,000 yen. As a result, the bank suffers a great loss from the illegal withdrawal.
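The alteration described above succeeds only when the cash input/output unit cannot tell a genuine instruction from a modified one. The following added example (not part of the original text, and not the mechanism of any particular machine) shows a receiving unit that authenticates each instruction with HMAC-SHA256 and, going one step beyond the text, also rejects replayed instructions; the 8-byte message layout, the key and all names are assumptions made for illustration, not the WOSA format.

```python
import hashlib
import hmac
import struct

# Constructed placeholder key, assumed to be provisioned in both units.
KEY = b"constructed-demo-key-shared-by-both-units"
BODY_LEN, TAG_LEN = 8, 32  # hypothetical layout: seq(4) + amount(4), then tag


def build_command(seq, amount_yen, key=KEY):
    """Sending side (main control unit): 'Output <amount> yen' plus a MAC."""
    body = struct.pack(">II", seq, amount_yen)
    return body + hmac.new(key, body, hashlib.sha256).digest()


class CashUnit:
    """Receiving side: acts only on authentic, not-yet-seen instructions."""

    def __init__(self, key=KEY):
        self.key = key
        self.last_seq = 0

    def handle(self, message):
        if len(message) != BODY_LEN + TAG_LEN:
            return ("rejected", "malformed")
        body, tag = message[:BODY_LEN], message[BODY_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time compare
            return ("rejected", "bad tag")
        seq, amount = struct.unpack(">II", body)
        if seq <= self.last_seq:  # same instruction presented twice
            return ("rejected", "replayed")
        self.last_seq = seq
        return ("dispense", amount)


def alter_amount(message, new_amount):
    """Models the in-transit change from the text: amount rewritten, tag kept."""
    return message[:4] + struct.pack(">I", new_amount) + message[BODY_LEN:]


def demo():
    unit = CashUnit()
    genuine = build_command(1, 5000)      # "Output 5,000 yen"
    altered = alter_amount(genuine, 50000)  # "Output 50,000 yen"
    return [unit.handle(altered), unit.handle(genuine), unit.handle(genuine)]


if __name__ == "__main__":
    print(demo())
```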